<?php

namespace App\Http\Middleware;

use Closure;
use Cache;
use App\Http\Lib\Output;

class CheckPermission
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $uid = \Session::get('uid', 0);
        $route = $request->route()->getName();
        $userinfo = Cache::get("userinfo:{$uid}");
        $break = true;

        // 根据route判断是否在用户权限列表里

        foreach ( $userinfo['app_list'] as $app ) {
            if ( $app['id'] == env('APP_ID') && in_array($route, $app['routes'], true) ) {
                $break = false;
                break;
            }
        }

        if ( $break )
            exit(json_encode(Output::e('没有权限')));

        return $next($request);
    }

}
